[Security Solution] Configure roles with AI Assistant (#170160)

## Summary

Adding `feature_securitySolutionAssistant.all` to all roles in Kibana.

Cypress tests added to check that different tiers have different
authorization to the AI Assistant:

`x-pack/test/security_solution_cypress/cypress/e2e/ai_assistant/`
 - `ai_assistant_feature_complete.cy.ts`
 - `ai_assistant_feature_essentials.cy.ts`

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Sergi Massaneda 2023-11-02 18:44:02 +01:00 committed by GitHub
parent ecdd1f090b
commit 096847b686
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 110 additions and 0 deletions


@ -128,6 +128,7 @@ t1_analyst:
- feature_siem.read_alerts
- feature_siem.endpoint_list_read
- feature_securitySolutionCases.read
- feature_securitySolutionAssistant.all
- feature_actions.read
- feature_builtInAlerts.read
- feature_osquery.read
@ -175,6 +176,7 @@ t2_analyst:
- feature_siem.read_alerts
- feature_siem.endpoint_list_read
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.read
- feature_builtInAlerts.read
- feature_osquery.read
@ -239,6 +241,7 @@ t3_analyst:
- feature_siem.actions_log_management_all # Response actions history
- feature_siem.file_operations_all
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.read
- feature_builtInAlerts.all
- feature_osquery.all
@ -289,6 +292,7 @@ threat_intelligence_analyst:
- feature_siem.endpoint_list_read
- feature_siem.blocklist_all
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.read
- feature_builtInAlerts.read
- feature_osquery.all
@ -353,6 +357,7 @@ rule_author:
- feature_siem.blocklist_all # Elastic Defend Policy Management
- feature_siem.actions_log_management_read
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.read
- feature_builtInAlerts.all
- feature_osquery.all
@ -420,6 +425,7 @@ soc_manager:
- feature_siem.file_operations_all
- feature_siem.execute_operations_all
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.all
- feature_builtInAlerts.all
- feature_osquery.all
@ -472,6 +478,7 @@ detections_admin:
- feature_siem.read_alerts
- feature_siem.crud_alerts
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.all
- feature_builtInAlerts.all
- feature_dev_tools.all
@ -520,6 +527,7 @@ platform_engineer:
- feature_siem.blocklist_all # Elastic Defend Policy Management
- feature_siem.actions_log_management_read
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.all
- feature_builtInAlerts.all
- feature_fleet.all
@ -583,6 +591,7 @@ endpoint_operations_analyst:
- feature_siem.file_operations_all
- feature_siem.execute_operations_all # Execute
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.all
- feature_builtInAlerts.all
- feature_osquery.all
@ -642,6 +651,7 @@ endpoint_policy_manager:
- feature_siem.host_isolation_exceptions_all
- feature_siem.blocklist_all # Elastic Defend Policy Management
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.all
- feature_builtInAlerts.all
- feature_osquery.all
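Review bot: `feature_securitySolutionAssistant.all` is granted at the same level to every role in this file, including `t1_analyst`, whose neighbouring entries are only `feature_securitySolutionCases.read` and `feature_actions.read`. The same line is added in the two other role files on this page, where the read-only `viewer` role receives it as well. If the assistant feature exposes no narrower privilege than `all`, a comment on the entry would record that the grant is deliberate, for example `# Assistant has no read-only privilege; availability is also gated by product tier`. Otherwise the read-only roles should get the narrowest privilege that still lets them use the assistant. The role blocks start and end outside these hunks, so other entries that may bear on this are not visible.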


@ -175,6 +175,7 @@ t1_analyst:
- feature_siem.read_alerts
- feature_siem.endpoint_list_read
- feature_securitySolutionCases.read
- feature_securitySolutionAssistant.all
- feature_actions.read
- feature_builtInAlerts.read
- feature_osquery.read
@ -222,6 +223,7 @@ t2_analyst:
- feature_siem.read_alerts
- feature_siem.endpoint_list_read
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.read
- feature_builtInAlerts.read
- feature_osquery.read
@ -286,6 +288,7 @@ t3_analyst:
- feature_siem.actions_log_management_all # Response actions history
- feature_siem.file_operations_all
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.read
- feature_builtInAlerts.all
- feature_osquery.all
@ -336,6 +339,7 @@ threat_intelligence_analyst:
- feature_siem.endpoint_list_read
- feature_siem.blocklist_all
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.read
- feature_builtInAlerts.read
- feature_osquery.all
@ -400,6 +404,7 @@ rule_author:
- feature_siem.blocklist_all # Elastic Defend Policy Management
- feature_siem.actions_log_management_read
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.read
- feature_builtInAlerts.all
- feature_osquery.all
@ -467,6 +472,7 @@ soc_manager:
- feature_siem.file_operations_all
- feature_siem.execute_operations_all
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.all
- feature_builtInAlerts.all
- feature_osquery.all
@ -519,6 +525,7 @@ detections_admin:
- feature_siem.read_alerts
- feature_siem.crud_alerts
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.all
- feature_builtInAlerts.all
- feature_dev_tools.all
@ -567,6 +574,7 @@ platform_engineer:
- feature_siem.blocklist_all # Elastic Defend Policy Management
- feature_siem.actions_log_management_read
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.all
- feature_builtInAlerts.all
- feature_fleet.all
@ -630,6 +638,7 @@ endpoint_operations_analyst:
- feature_siem.file_operations_all
- feature_siem.execute_operations_all # Execute
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.all
- feature_builtInAlerts.all
- feature_osquery.all
@ -689,6 +698,7 @@ endpoint_policy_manager:
- feature_siem.host_isolation_exceptions_all
- feature_siem.blocklist_all # Elastic Defend Policy Management
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.all
- feature_builtInAlerts.all
- feature_osquery.all


@ -0,0 +1,35 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { AI_ASSISTANT_BUTTON } from '../../screens/ai_assistant';
import { login } from '../../tasks/login';
import { visitGetStartedPage } from '../../tasks/navigation';
describe(
'App Features for Security Complete',
{
tags: ['@serverless'],
env: {
ftrConfig: {
productTypes: [
{ product_line: 'security', product_tier: 'complete' },
{ product_line: 'endpoint', product_tier: 'complete' },
],
},
},
},
() => {
beforeEach(() => {
login();
});
it('should have have AI Assistant available', () => {
visitGetStartedPage();
cy.get(AI_ASSISTANT_BUTTON).should('exist');
});
}
);
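Review bot: The spec logs in with the default `login()` user, so none of the per-role grants added by this commit are exercised; it only shows that the header link renders on the complete tier. If `login` accepts a role argument (its signature is not visible here), repeating the assertion for a read-only role such as `t1_analyst` would tie the test to the privilege change. The test title also repeats a word; `it('should have AI Assistant available', () => {` reads correctly.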


@ -0,0 +1,35 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { AI_ASSISTANT_BUTTON } from '../../screens/ai_assistant';
import { login } from '../../tasks/login';
import { visitGetStartedPage } from '../../tasks/navigation';
describe(
'App Features for Security Essentials',
{
tags: ['@serverless'],
env: {
ftrConfig: {
productTypes: [
{ product_line: 'security', product_tier: 'essentials' },
{ product_line: 'endpoint', product_tier: 'essentials' },
],
},
},
},
() => {
beforeEach(() => {
login();
});
it('should not have AI Assistant available', () => {
visitGetStartedPage();
cy.get(AI_ASSISTANT_BUTTON).should('not.exist');
});
}
);
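Review bot: `cy.get(AI_ASSISTANT_BUTTON).should('not.exist')` passes whenever the selector is absent, which is also the case before the header has rendered or after the `data-test-subj` value is renamed, so this negative check can pass without the tier restriction working. Asserting first on an element that is known to render, for example `cy.get(<HEADER_LOADED_SELECTOR>).should('exist');` with a selector taken from the project's screens, and only then on the absence of the link would remove that false pass. A hidden button also shows only that the UI is gated; whether the assistant's server-side routes reject a request on the essentials tier is not covered by this spec.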


@ -0,0 +1,8 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
export const AI_ASSISTANT_BUTTON = '[data-test-subj="assistantHeaderLink"]';


@ -43,6 +43,7 @@ viewer:
- feature_siem.read_alerts
- feature_siem.endpoint_list_read
- feature_securitySolutionCases.read
- feature_securitySolutionAssistant.all
- feature_actions.read
- feature_builtInAlerts.read
- feature_osquery.read
@ -111,6 +112,7 @@ editor:
- feature_siem.actions_log_management_all # Response actions history
- feature_siem.file_operations_all
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.read
- feature_builtInAlerts.all
- feature_osquery.all
@ -156,6 +158,7 @@ t1_analyst:
- feature_siem.read_alerts
- feature_siem.endpoint_list_read
- feature_securitySolutionCases.read
- feature_securitySolutionAssistant.all
- feature_actions.read
- feature_builtInAlerts.read
- feature_osquery.read
@ -203,6 +206,7 @@ t2_analyst:
- feature_siem.read_alerts
- feature_siem.endpoint_list_read
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.read
- feature_builtInAlerts.read
- feature_osquery.read
@ -267,6 +271,7 @@ t3_analyst:
- feature_siem.actions_log_management_all # Response actions history
- feature_siem.file_operations_all
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.read
- feature_builtInAlerts.all
- feature_osquery.all
@ -317,6 +322,7 @@ threat_intelligence_analyst:
- feature_siem.endpoint_list_read
- feature_siem.blocklist_all
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.read
- feature_builtInAlerts.read
- feature_osquery.all
@ -381,6 +387,7 @@ rule_author:
- feature_siem.blocklist_all # Elastic Defend Policy Management
- feature_siem.actions_log_management_read
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.read
- feature_builtInAlerts.all
- feature_osquery.all
@ -448,6 +455,7 @@ soc_manager:
- feature_siem.file_operations_all
- feature_siem.execute_operations_all
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.all
- feature_builtInAlerts.all
- feature_osquery.all
@ -500,6 +508,7 @@ detections_admin:
- feature_siem.read_alerts
- feature_siem.crud_alerts
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.all
- feature_builtInAlerts.all
- feature_dev_tools.all
@ -548,6 +557,7 @@ platform_engineer:
- feature_siem.blocklist_all # Elastic Defend Policy Management
- feature_siem.actions_log_management_read
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.all
- feature_builtInAlerts.all
- feature_fleet.all
@ -611,6 +621,7 @@ endpoint_operations_analyst:
- feature_siem.file_operations_all
- feature_siem.execute_operations_all # Execute
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.all
- feature_builtInAlerts.all
- feature_osquery.all
@ -670,6 +681,7 @@ endpoint_policy_manager:
- feature_siem.host_isolation_exceptions_all
- feature_siem.blocklist_all # Elastic Defend Policy Management
- feature_securitySolutionCases.all
- feature_securitySolutionAssistant.all
- feature_actions.all
- feature_builtInAlerts.all
- feature_osquery.all